Security Engineer, GRC
San Francisco
Plaid Inc.
Plaid helps companies build fintech solutions by making it easy, safe and reliable for people to connect their financial data to apps and services.
We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Washington D.C., London and Amsterdam.
The Security Governance, Risk, and Compliance (GRC) team is part of Plaid’s security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood and impact of security risks while operating a robust assurance program that builds trust with our customers, consumers, and data partners. We partner closely across the company to ensure Plaid’s platform remains secure, resilient, and aligned with industry and regulatory expectations.
As a Security Engineer on the GRC team, you will own our GRC automation roadmap—developing and implementing strategies to detect drift from expected security baselines and audited controls. You will collaborate with GRC team members to accelerate workstreams by automating processes across audits, vendor management, risk assessments, security training, and more. Beyond automation, you’ll conduct in-depth, data-driven risk and control assessments that influence critical decisions across the company. Your work will directly impact Plaid’s ability to prevent future incidents and build trust.
This role is perfect for you if:
- You enjoy solving complex engineering problems at the intersection of security, risk, and compliance.
- You’re passionate about automation and building workflows that reduce manual effort while increasing assurance.
- You thrive in a collaborative environment, working across engineering, product, and security teams.
- You have a curious mindset with a drive to explore how security controls can fail or be bypassed.
Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at accommodations@plaid.com.
Please review our Candidate Privacy Notice here.
Responsibilities
- Deploy and configure AI tools to drive efficiency across GRC processes.
- Automate evidence collection, control testing, and compliance monitoring across cloud and internal systems.
- Build integrations and Slack bots using APIs/webhooks to streamline GRC workflows.
- Develop dashboards and SQL-driven reports to surface meaningful risk and compliance metrics.
- Write detection logic to alert on security control drift or misconfigurations.
- Perform security risk assessments and recommend mitigation strategies using a data-informed approach.
- Support the buildout of continuous control monitoring infrastructure.
Qualifications
- Strong foundation in core security concepts (e.g., authentication, encryption, logging, access control).
- Hands-on experience with AWS and understanding of cloud-native security controls.
- Proficiency with scripting languages (e.g., Python) and building integrations via APIs/webhooks.
- Strong SQL skills and experience with dashboards or data visualization tools.
- Experience writing rules or logic for compliance drift detection.
- Ability to work independently and cross-functionally, with strong prioritization skills.
Nice to have:
- Exposure to security incident response and triage processes.
- Degree in Computer Science, Cybersecurity, or a related field.
- Hands-on experience with Infrastructure as Code (IaC) and configuring cybersecurity tools.
Categories:
Compliance Jobs
Security Engineering Jobs
Tags: APIs Audits Automation AWS C Cloud Compliance Computer Science Encryption Governance Incident response Monitoring Privacy Python Risk assessment Scripting SQL Vendor management
Region:
North America
Country:
United States